Name: Adam Gorecki
Title: System Administrator/Information Security Analyst
Employer: Mountain View County
Location: Didsbury, Alberta, Canada
Years in IT: Over 10 years
Years in information security: 1
Cybersecurity certifications: SSCP
How did you decide upon a career in cybersecurity?
Information security has been something that has always interested me. It has been at the forefront of my mind during my career as a network analyst and a system administrator. When the opportunity arose for me to take on an information security analyst role, I jumped at it.
Why did you get your SSCP®?
I wanted to get a designation that would not only give me a better and deeper understanding of information security, but also give me a designation that is well recognized by many in the industry. I also felt that in the position that I am in, the knowledge I would gain from attaining my SSCP would benefit my organization the greatest amount.
What is a typical day like for you?
Due to the size of my organization, my time is split between being a system administrator and an information security analyst. A typical day would include maintaining our server infrastructure, preparing for various information security initiatives for the year, like creating a presentation for our security awareness program, reviewing policies and making sure that our systems and data are secured appropriately.
Can you tell us about a personal career highlight?
This is only my first year as an information security analyst so the fact that my organization has begun to recognize the importance of information security by offering me this new role has really been a career highlight. Secondly, following one of my presentations on the top 10 threats we're facing as an organization, I received very positive feedback. It really encouraged me and reaffirmed why I'm doing this.
How has the SSCP certification helped you in your career?
It has helped me tremendously by deepening my knowledge of information security and given me new opportunities to further my career within my organization. It has also allowed me to share my knowledge of information security outside of my organization and better educate people on the importance of infosec.
What is the most useful advice you have for other information security professionals?
The instructor of my SSCP course told me that "You're only as secure as your company's policies". That really opened my eyes to the fact that security is not only about firewalls, IPS, IDS, networking, anti-virus, access rights, etc. It is also about creating a culture in your organization that understands the importance of information security and the role it plays within the organization.
I think that if there are any system administrators interested in getting a designation in information security I would encourage them to get their SSCP designation, because it is a great stepping stone to further designations like the CISSP. I am also in the process of preparing for my CCSP and CISSP designations and I found that having my SSCP is helping me greatly during this process.
For more information on the Systems Security Certified Practitioner certification, download our Ultimate Guide to the SSCP.